Dynamic resiliency analysis of key predistribution in wireless sensor networks

Wireless sensor networks have been analyzed for more than a decade from operational and security points of view. Several key predistribution schemes have been proposed in the literature. Although valuable and state-of-the-art proposals have been made, their corresponding security analyses have not been performed by considering the dynamic nature of networking behavior and the time dimension. The sole metric used for resiliency analysis of key predistribution schemes is "fraction of links compromised" which is roughly defined as the ratio of secure communication links that the adversary can compromise over all secure links. However, this metric does not consider the dynamic nature of the network; it just analyzes a snapshot of the network without considering the time dimension. For example, possible dead nodes may cause change of routes and some captured links become useless for the attacker as time goes by. Moreover, an attacker cannot perform sensor node capturing at once, but performs over time. That is why a methodology for dynamic security analysis is needed in order to analyze the change of resiliency in time a more realistic way. In this paper, we propose such a dynamic approach to measure the resiliency of key predistribution schemes in sensor networks. We take the time dimension into account with a new performance metric, "captured message fraction". This metric is defined as the percentage of the messages generated within the network to be forwarded to the base station (sink) that are captured and read by the attacker. Our results show that for the cases where the static fraction of links compromised metric indicates approximately 40% of the links are compromised, our proposed captured message fraction metric shows 80% of the messages are captured by the attacker. This clearly proves the limitations of the static resiliency analysis in the literature

A unified approach to combinatorial key predistribution schemes for sensor networks

There have been numerous recent proposals for key predistribution schemes for wireless sensor networks based on various types of combinatorial structures such as designs and codes. Many of these schemes have very similar properties and are analysed in a similar manner. We seek to provide a unified framework to study these kinds of schemes. To do so, we define a new, general class of designs, termed “partially balanced t-designs”, that is sufficiently general that it encompasses almost all of the designs that have been proposed for combinatorial key predistribution schemes. However, this new class of designs still has sufficient structure that we are able to derive general formulas for the metrics of the resulting key predistribution schemes. These metrics can be evaluated for a particular scheme simply by substituting appropriate parameters of the underlying combinatorial structure into our general formulas. We also compare various classes of schemes based on different designs, and point out that some existing proposed schemes are in fact identical, even though their descriptions may seem different. We believe that our general framework should facilitate the analysis of proposals for combinatorial key predistribution schemes and their comparison with existing schemes, and also allow researchers to easily evaluate which scheme or schemes present the best combination of performance metrics for a given application scenario

Dynamic key ring update mechanism for mobile wireless sensor networks

Key distribution is an important issue to provide security in Wireless Sensor Networks (WSNs). Many of the key pre-distribution schemes proposed for static WSNs perform poorly when they are applied to Mobile Wireless Sensor Networks (MWSNs). In this paper, we propose Dynamic Key Ring Update (DKRU) mechanism for MWSNs. The aim of DKRU mechanism is to enable sensor nodes to update their key rings periodically during movement, by observing the frequent keys in their neighbors. Our mechanism can be used together with different key pre-distribution schemes and it helps to increase the performance of them. For the performance evaluation basis, we used our mechanism together with a location based key pre-distribution scheme. Our results show that DKRU mechanism increases the local and global connectivity when it is applied to MWSNs. Moreover, our mechanism does not cause a significant degradation in network resiliency

Dynamic keyring update mechanism for mobile wireless sensor networks/

Wireless Sensor Networks (WSNs) are composed of small, battery-powered devices called sensor nodes. Sensor nodes have sensing, processing and communication capabilities to monitor the environment and gather data. WSNs have various application areas ranging from military surveillance to forest fire detection. Security is an important issue for Wireless Sensor Networks because sensor nodes are deployed in hostile and unattended areas. Nodes are vulnerable to physical capture attacks and the attackers can easily eavesdrop on network communications. To provide security to WSNs, many key predistribution schemes have been proposed. However, most of these schemes consider the static WSNs and they perform poorly when they are applied to Mobile Wireless Sensor Networks (MWSNs). In this thesis, we propose Dynamic Keyring Update (DKRU) mechanism for MWSNs. The aim of DKRU mechanism is to enable sensor nodes to update their keyrings periodically during movement, by observing the frequent keys in their neighbors. Our mechanism can be used together with different key predistribution schemes and it helps to increase the performance of them. For performance evaluation reasons, we used our mechanism together with an existing random key predistribution scheme and a location-based key predistribution scheme. For each of these key predistribution schemes, we analyzed our mechanism using two different mobility models. Our results show that DKRU mechanism increases the local and global connectivity when it is applied to MWSNs. Moreover, our mechanism is scalable and it does not cause significant degradation in network resiliency and communication overhead

Deterministic Merging of Blocks in Combinatorial Design based Key Predistribution in Distributed Wireless Sensor Network

Sensor nodes have severe constraints in terms of its resources such as processing power, memory, communication range, battery power. Due to wireless nature of communication between nodes in a wireless sensor network, any attacker can intercept the communicating messages between sensor nodes. So the need for securing these messages is obvious. Due to resource constraints of sensor nodes, public key cryptography can’t be employed for securing the communication as public key cryptography demands much computational effort. So, private key cryptography is natural choice for securing the communication in wireless sensor network. Key predistribution has become obvious choice for distributing keys in sensor nodes for secured communication in a wireless sensor network. A pool of keys is first taken, and then a set of keys from this key pool is installed in every sensor node before their deployment. The keys predistributed to a particular sensor node can be drawn from the key pool probabilistically or deterministically. Combinatorial design which was originated as a branch of statistics and later found its vast application in coding theory and of late in cryptography plays a vital role in deterministic key predistribution. The connectivity and resiliency offered by some combinatorial design based key predistribution schemes can be sometimes offered by merging of blocks and then assign these merged blocks to sensor nodes. The question is how to choose blocks for merging? There is a prior general work on merging of blocks which has been studied on transversal design based key predistribution scheme. This approach is not deterministic, but heuristic. A deterministic algorithm for merging of blocks has been proposed. The orthogonal array based key predistribution scheme has been studied in detail and the non suitability of merging approach to improve its performance has been shown. In addition, a key establishment algorithm for transversal design based key predistribution scheme has been proposed

Two-tier, location-aware and highly resilient key predistribution scheme for wireless sensor networks /

Sensor nodes are low power, tiny, and computationally restricted microelectromechanical devices that usually run on battery. They are capable of communicating over short distances and of sensing information for specific purposes. In sensor networks, large amount of sensor nodes are deployed over a wide region. For secure communication among sensor nodes, secure links must be established via key agreement. Due to resource constraints, achieving such key agreement in wireless sensor networks is non-trivial. Many key establishment schemes, like Diffie-Hellman and public-key cryptography based protocols, proposed for general networks are not so suitable for sensor networks due to resource constraints. Since one cannot generally assume a trusted infrastructure, keys and/or keying materials must be distributed to sensor nodes before deployment of them. Such key distribution schemes are called key predistribution schemes. After deployment, sensor nodes use predistributed keys and/or keying materials to establish secure links using various techniques. In this thesis, we propose a probabilistic key predistribution scheme, in which we assume that certain deployment knowledge is available prior to deployment of sensor nodes. We use a two-tier approach in which there are two types of nodes: regular nodes and agent nodes. Agent nodes, which constitute a small percentage of all nodes, are more capable than regular nodes. Most of the regular nodes can establish shared keys among themselves without the help of agent nodes, whereas some other regular nodes make use of agent nodes as intermediaries for key establishment. We give a comparative analysis of our scheme through simulations and show that our scheme provides good connectivity for the sensor network. Moreover, our scheme exhibits substantially strong node-capture resiliency against small-scale attacks, while the resiliency of the network degrades gracefully as the number of captured nodes increases. In addition, the proposed scheme is scalable such that increasing the number of nodes in the network does not degrade the performance and does not increase the complexity. Another good characteristic of our scheme is that it is resistant against node fabrication and partially resistant against wormhole attacks

Resilient and highly connected key predistribution schemes for wireless sensor networks

Wireless sensor networks are composed of small, battery-powered devices called sensor nodes with restricted data processing, storage capabilities. Sensor nodes collect environmental data, such as temperature, humidity, light conditions, and transmit them using their integrated radio communication interface. In real life scenarios, the exact position of a node is not determined prior to deployment because their deployment methods are arbitrary. Wireless sensor networks may be used for critical operations such as military tracking, scientific and medical experiments. Sensor nodes may carry sensitive information. In such cases, securing communication between sensor nodes becomes an essential problem. Sensor nodes may easily be impersonated and compromised by malicious parties. In order to prevent this, there is a need for some cryptographic infrastructure. Public key cryptography is infeasible for sensor nodes with limited computation power. Hence symmetric key cryptography mechanisms are applied in order to provide security foundations. Due to resource constraints in sensor nodes, best solution seems to be symmetric key distribution prior to deployment. For each node, a number of keys are drawn uniformly random without replacement from a pool of symmetric keys and loaded in the node’s memory. After deployment, neighboring sensor nodes may share a key with a certain probability since all the keys are drawn from the same key pool. This is the basic idea of key predistribution schemes in wireless sensor networks. Also there are more advanced deployment models that take the change of network in time into consideration. The nodes are powered by batteries and the batteries eventually deplete in time. However the network needs to operate longer than the lifetime of a single node. In order to provide continuity, nodes are deployed and integrated in the network at different times along the operation of the network. These networks are called multiphase wireless sensor networks. The main challenge of these networks is to provide connectivity between node pairs deployed at different times. In this thesis, we proposed three different key predistribution schemes. In the first scheme, we introduce the concept of XORed key, which is the bitwise XOR of two regular (a.k.a single) keys. Sensor nodes are preloaded with a mixture of single and XORed keys. Nodes establish secure links by shared XORed keys if they can. If no shared XORed key exists between two neighboring nodes, they try single keys loaded in their memory. If node pairs do not have any shared XORed or single keys, they transfer keys from their secure neighbors in a couple of ways, and use them to match with their XORed keys. In this scheme, we aim to have a more resilient network to malicious activities by using XORed keys since an attacker has to know either both single key operands or the XORed key itself. We performed several simulations of our scheme and compared it with basic scheme [4]. Our scheme is up to 50% more connected as compared to basic scheme. Also it has better resilience performance at the beginning of a node capture attack and when it starts to deteriorate the difference between the resilience of our proposed scheme and basic scheme is not greater than 5%. The second scheme that we proposed is actually an extension that can be applied to most of the schemes. We propose an additional phase that is performed right after shared keys between neighboring nodes are discovered. As mentioned above, neighboring node pairs share a common key with a certain probability. Obviously some neighboring node pairs fail to find any shared key. In our proposed new phase, keys preloaded in memories of secure neighbors of a node a are transferred to a, if necessary, in order for a to establish new links with its neighboring nodes that they do not share any key. In this way, we achieve the same connectivity with traditional schemes with significantly fewer keys. We compared the performance of our scheme with basic scheme [4] after shared-key discovery phase and our results showed that our scheme achieved the same local connectivity performance with basic scheme, moreover while doing that, nodes in our scheme are loaded with three fourth of keys fewer than the keys loaded in nodes in basic scheme. In addition to that, our scheme is up to 50% more resilient than basic scheme with shared-key discovery phase under node capture attacks. The last scheme that we proposed is designed to be used for multi-phase wireless sensor networks. In our model, nodes are deployed at the beginning of some time epochs, called generations, in order to replace the dead nodes. Each generation has completely different key pool. Nodes are predistributed keys drawn uniformly random from key pools of different generations in order to have secure communication with nodes deployed at those generations. In other words, in our scheme keys are specific to generation pairs. This makes the job of attacker more difficult and improves the resiliency of our scheme. We compared our scheme to another key predistribution scheme designed for multi-phase wireless sensor networks. Our results showed that our scheme is up to 35% resilient in steady state even under heavy attacks

The effect of time dimension and network dynamics on key distribution in wireless sensor networks

The majority of studies on security in resource limited wireless sensor networks (WSN) focus on finding an efficient balance among energy consumption, computational speed and memory usage. Besides these resources, time, network dynamics (e.g. routing), and implementation and integration issues of the security solutions are relatively immature aspects that can be considered in system design and performance evaluations. In the first part of this thesis, we develop and analyze different implementation options of a Random Key Predistribution scheme in a real network simulation environment. Implementation options include Proactive Key Establishment and Reactive Key Establishment. In Proactive Key Establishment, pairwise keys are established at the beginning, prior to start of application. In Reactive Key Establishment, keys are established only whenever needed by the application during its execution. In literature the latter is known to preserve energy since it reduces useless key establishments; however, it also introduces delay in application traffic. We implement the reactive key establishment in such a way that key establishment traffic and energy consumption are reduced. As a result our reactive key establishment implementation has similar throughput performance with proactive scenarios despite the longer lifetime of reactive scenario. We also simulate an attack scenario and measure different metrics including a novel one. This new metric, the packet compromise ratio, reflects the harm caused by the adversary in a more realistic way. In our simulations, we show that packet compromise ratios are very high as compared to link compromise ratios for a long period. However, when the majority of nodes die, link compromise ratios exceed packet compromise ratios. This is an indication to the fact that link compromise ratios seem high even though there is no high amount of traffic in network to be compromised by adversary. Due to the results showing that classical key distribution schemes in WSNs have actually low resiliency, in the second part of this thesis, we propose new deployment models that improve resiliency. In a recent study by Castelluccia and Spognardi, the time dimension is used to lower the ratio of compromised links, thus, improving resiliency in key distribution in WSNs. This is achieved by making the old and possibly compromised keys useful only for a limited amount of time. In this way, the effect of compromised keys diminishes in time, so the WSN selfheals. We further manipulate the time dimension and propose a deployment model that speeds up the resiliency improvement process with a tradeo between connectivity and resiliency. In our method, self healing speeds up by introducing nodes that belong to future generations in the time scale. In this way, the duration that the adversary can make use of compromised keys becomes smaller